Bot (who knows it?)

**anonymez** · 18 Nov 2005, 09:05 PM

i believe its a worm, see here http://www.securitystronghold.com/en...ution-3935.php

if that's correct, get a virus scanner, or do an online (free) virus scan at http://www.mcafee.com

**jeo** · 18 Nov 2005, 10:03 PM

you're right anonymez!

from Spyware and Adware Encyclopedia(first link):

Name of the thread: Microsoft Synchronization Manager
Command or file name: bot.exe
Hazard index: 5. Dangerous threat! Virus, trojan or spyware. You must get rid of it as soon as possible.

Microsoft Synchronization Manager? what Bill is doing?!?
anonymez,i download the truesword.exe from the link but send me the sword from your signature and i will "kill Bill".

now i'm in mcafee page to remove it.(i will and later i post the result)

too much

**jeo** · 18 Nov 2005, 11:38 PM

anonymez,
see what happens using true sword:

after run 40%,the program stop and close(as a blink)without any advice.

in mcafee i can't find the online (free) virus scan.

running regedit was found:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU
ab 000 REG_SZ bot*.*...
ab 001 REG_SZ *bot*.*...

HKEY_USERS\S-1-5-21-861567501-842925246-854245398-500\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU
ab 000 REG_SZ bot*.*...
ab 001 REG_SZ *bot*.*...

i'm afraid to remove this keys.should i backup this keys and remove for test?
what do you think?

thanks in advance!

**anonymez** · 18 Nov 2005, 11:58 PM

IMO don't touch the registry unless you know what you're doing. to get to the online virus scan at mcafee, go to the link i provided, click 'home and home office', it will lead you to another page, where it has a little box at the bottom saying 'free tools'. click 'free scan'.

**C.E.O.** · 19 Nov 2005, 12:51 AM

HouseCall – Free Online Security Scan

http://housecall.trendmicro.com/

Detect and fix viruses, worms, spyware, and other malicious threats for free.

theres another free solution if you cant find it on McAfee.

**H@X** · 19 Nov 2005, 02:42 AM

talking about bots i have 2 of them that show up on my aim buddy list. thats new

**jeo** · 20 Nov 2005, 12:04 AM

anonymez,
mcafee found only one file called "Generic Adware.txt" that was installed from sound blaster original cd that have 2 years old..

(how can it be?)..nothing more.

C.E.O.,
trend found 26 spywares(25 cookies) and one file called "ADW_TARGETSAV.A Adware".all was removed.
when trend was running,avgfree found 2 virus,but not had found anything before.(seems crazy?

no one can find the "bot" files and as i posted they still in the registry.

bot is one "amazing" file don't?

i will delete this files from the registry after backup it.
if i stay out from the forum for more than one day means that my system crash or

...or...

H@X,
take care of this files.
search in the registry where they are and wait my result after i delete and backup it.

for all

**Chewy** · 20 Nov 2005, 01:41 AM

Trojan Hunter ® anti-trojan scanner - Remove trojans, malware, adware and trojan horses with our anti-malware software

http://www.trojanhunter.com/

remove trojans,remove trojan,remove adware,remove malware,malware remover,trojan remover,trojan scanner,anti-trojan,anti-malware,anti-adware,malware scanner,trojan scanner,adware scanner,spyware scanner,remove spyware,anti-spyware

install it, update it, reboot into safe mode run deep scan

might find everything, all the other things you have done are easily
defeated by modern trojans.

**jeo** · 20 Nov 2005, 02:33 AM

anonymez,
thanks for your interest.you help me so much!

C.E.O.
thanks,trend is very cool and solve the problem, now everything is ok.

rbrtpl,
trojan hunter was not needed.
after reboot bot files gone.thanks

in the end.....

to you all!
great team!

**Chewy** · 20 Nov 2005, 02:43 AM

Originally Posted by jeo

rbrtpl,
trojan hunter was not needed.
after reboot bot files gone.thanks

You can't be too sure, I ran three scanners in safe mode, each
found something and wasn't truly disinfected until I repeated with
broadband disconnected.

**jeo** · 20 Nov 2005, 03:16 AM

well,searching with regedit the bot files was not found...it's gone(seems) and the dial up don't appaer when i power on or reboot.

but ok,i will use trojanhunter now following your advice.

thank you.

**jeo** · 20 Nov 2005, 06:31 AM

rbrtpl,
trojan hunter don't found anything wrong.
seems everything ok now.

thank you

**Chewy** · 20 Nov 2005, 06:41 AM

Ur welcome and be careful out there, it's getting more and more dangerous just to surf!

**anonymez** · 20 Nov 2005, 09:22 AM

glad you got rid of it, jeo!

just make sure you have a good firewall installed, you don't surf any suspicious websites, and watch what files you open/install. also have adware, spyware and anti-virus software installed.

Bot (who knows it?)

Bot (who knows it?)

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment